Hardware/Software Co-monitoring
May 10, 2019 Β· Declared Dead Β· π arXiv.org
"No code URL or promise found in abstract"
Evidence collected by the PWNC Scanner
Authors
Li Lei, Kai Cong, Zhenkun Yang, Bo Chen, Fei Xie
arXiv ID
1905.03915
Category
cs.SE: Software Engineering
Cross-listed
cs.CR
Citations
2
Venue
arXiv.org
Last Checked
4 months ago
Abstract
Hardware/Software (HW/SW) interfaces, mostly implemented as devices and device drivers, are pervasive in various computer systems. Nowadays HW/SW interfaces typically undergo intensive testing and validation before release, but they are still unreliable and insecure when deployed together with computer systems to end users. Escaped logic bugs, hardware transient failures, and malicious exploits are prevalent in HW/SW interactions, making the entire system vulnerable and unstable. We present HW/SW co-monitoring, a runtime co-verification approach to detecting failures and malicious exploits in device/driver interactions. Our approach utilizes a formal device model (FDM), a transaction-level model derived from the device specification, to shadow the real device execution. Based on the co-execution of the device and FDM, HW/SW co-monitoring carries out two-tier runtime checking: (1) device checking checks if the device behaviors conform to the FDM behaviors; (2) property checking detects invalid driver commands issued to the device by verifying system properties against driver/device interactions. We have applied HW/SW co-monitoring to five widely-used devices and their Linux drivers, discovering 9 real bugs and vulnerabilities while introducing modest runtime overhead. The results demonstrate the major potential of HW/SW co-monitoring in improving system reliability and security.
Community Contributions
Found the code? Know the venue? Think something is wrong? Let us know!
π Similar Papers
In the same crypt β Software Engineering
R.I.P.
π»
Ghosted
R.I.P.
π»
Ghosted
Microservices: yesterday, today, and tomorrow
π
π
The Cartographer
A Survey of Machine Learning for Big Code and Naturalness
R.I.P.
π»
Ghosted
An Overview on Smart Contracts: Challenges, Advances and Platforms
R.I.P.
π»
Ghosted
Slither: A Static Analysis Framework For Smart Contracts
R.I.P.
π»
Ghosted
ContractFuzzer: Fuzzing Smart Contracts for Vulnerability Detection
Died the same way β π» Ghosted
R.I.P.
π»
Ghosted
Federated Learning: Strategies for Improving Communication Efficiency
R.I.P.
π»
Ghosted
In-Datacenter Performance Analysis of a Tensor Processing Unit
R.I.P.
π»
Ghosted
Deep Convolutional Neural Networks for Computer-Aided Detection: CNN Architectures, Dataset Characteristics and Transfer Learning
R.I.P.
π»
Ghosted